Is Risken Mcp Server safe to use?

Risken Mcp Server has no known CVEs as of the latest MCPpedia security scan. It requires authentication to connect, which limits unauthorized access. Licensed under MIT.

How do I install Risken Mcp Server?

Risken Mcp Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can Risken Mcp Server do?

Risken Mcp Server provides 4 tools: get_context, search_finding, archive_finding, search_alert. See the full tools list on the server page for descriptions and parameters.

What AI clients work with Risken Mcp Server?

Risken Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.

Is Risken Mcp Server actively maintained?

Risken Mcp Server is less actively maintained — last commit was 127 days ago. It has 7 GitHub stars.

Risken Mcp Server

Name: Risken Mcp Server
Author: ca-risken

Official

by ca-risken

RISKEN's official MCP Server

7 4 tools GitHub

No known CVEs

MIT license

Maintained

Last commit 127d ago

Works with most clients

Transport: stdio, http

4 tools · ~468 tok

Grade A · 0.2% of 200K ctx

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "risken": {
      "env": {
        "RISKEN_URL": "http://localhost:8098",
        "RISKEN_ACCESS_TOKEN": "your_access_token"
      },
      "args": [
        "run",
        "-i",
        "--rm",
        "-e",
        "RISKEN_ACCESS_TOKEN",
        "-e",
        "RISKEN_URL",
        "ghcr.io/ca-risken/risken-mcp-server",
        "stdio"
      ],
      "command": "docker"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/risken-mcp-server)](https://mcppedia.org/s/risken-mcp-server)

Read me

What Risken Mcp Server does

The RISKEN MCP Server is a Model Context Protocol (MCP) server that provides seamless integration with RISKEN APIs, enabling advanced automation and interaction capabilities for developers and tools.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

68/100across 5 weighted dimensions

How we score →

0255075100

−32

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Inventory

Tools (4)

Click any tool to inspect its schema.

~468 tokens total

Inventory

Resources (1)

finding_contents

Retrieves the content of a specific finding

finding://{project_id}/{finding_id}

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Risken Mcp Server safe to use?: Risken Mcp Server has no known CVEs as of the latest MCPpedia security scan. It requires authentication to connect, which limits unauthorized access. Licensed under MIT.
How do I install Risken Mcp Server?: Risken Mcp Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Risken Mcp Server do?: Risken Mcp Server provides 4 tools: get_context, search_finding, archive_finding, search_alert. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Risken Mcp Server?: Risken Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.
Is Risken Mcp Server actively maintained?: Risken Mcp Server is less actively maintained — last commit was 127 days ago. It has 7 GitHub stars.

Similar servers

Others in security

View all →

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

9.0k 3

Nothumanallowed91

Security-first platform for AI agents. 38 specialized agents, 15 AI-powered extensions, zero-knowledge multi-agent orchestration. SENTINEL WAF, Ed25519 auth, 2.6M grounding facts.

97 5

MCP Security Weekly

Get CVE alerts and security updates for Risken Mcp Server and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "risken": {
      "env": {
        "RISKEN_URL": "http://localhost:8098",
        "RISKEN_ACCESS_TOKEN": "your_access_token"
      },
      "args": [
        "run",
        "-i",
        "--rm",
        "-e",
        "RISKEN_ACCESS_TOKEN",
        "-e",
        "RISKEN_URL",
        "ghcr.io/ca-risken/risken-mcp-server",
        "stdio"
      ],
      "command": "docker"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/risken-mcp-server)](https://mcppedia.org/s/risken-mcp-server)

Read me

What Risken Mcp Server does

The RISKEN MCP Server is a Model Context Protocol (MCP) server that provides seamless integration with RISKEN APIs, enabling advanced automation and interaction capabilities for developers and tools.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

README

RISKEN MCP Server

The RISKEN MCP Server is a Model Context Protocol (MCP) server that provides seamless integration with RISKEN APIs, enabling advanced automation and interaction capabilities for developers and tools.

Use Cases

By connecting the RISKEN MCP server to your everyday AI tools, you can perform various operations such as:

Checking active alerts in RISKEN and monitoring their status.
Searching, analyzing, and reviewing findings including their explanations and remediation steps.
Archiving resolved findings to maintain a clean and organized security posture.

Prerequisites

To run the server in a container, you will need to have Docker installed.
Once Docker is installed, you will also need to ensure Docker is running.
You will also need to have a RISKEN Access Token.

Local MCP Server

Please add the following MCP server configuration to your MCP Client (Claude Desktop or Cursor) settings.

{
  "mcpServers": {
    "risken": {
      "command": "docker",
      "args": [
        "run",
        "-i",
        "--rm",
        "-e",
        "RISKEN_ACCESS_TOKEN",
        "-e",
        "RISKEN_URL",
        "ghcr.io/ca-risken/risken-mcp-server",
        "stdio"
      ],
      "env": {
        "RISKEN_URL": "http://localhost:8098",
        "RISKEN_ACCESS_TOKEN": "your_access_token"
      }
    }
  }
}

Remote MCP Server

RISKEN MCP Server supports Streamable HTTP.

on Local

docker run -it --rm \
  -e RISKEN_URL=http://localhost:8098 \
  -e RISKEN_ACCESS_TOKEN=xxxxxx \
  -p 8080:8080 \
  ghcr.io/ca-risken/risken-mcp-server http

on Cloud Run

You can deploy the server on Google Cloud Run with Terraform.

Visit terraform/examples/googlecloud and deploy the server on Google Cloud Run with Terraform.
Add the following MCP server configuration to your MCP Client (Claude Desktop or Cursor) settings.

Note: Since most MCP clients only allow stdio connections, it is currently necessary to use mcp-remote as a proxy to connect to remote MCP servers.

Claude Desktop, Cursor ...

{
  "mcpServers": {
    "risken": {
      "command": "npx",
      "args": [
        "mcp-remote",
        "http://localhost:8098/mcp",
        "--header",
        "RISKEN-ACCESS-TOKEN:${RISKEN_ACCESS_TOKEN}"
      ],
      "env": {
        "RISKEN_ACCESS_TOKEN": "xxxxxx"
      }
    }
  }
}

Third-Party Authorization (OAuth2.1)

RISKEN MCP Server supports Third-Party Authorization (OAuth2.1) that enables secure authentication through external Identity Providers (IdP).

Overview

The OAuth2.1 implementation follows the MCP Authorization specification with Third-Party Authorization Flow, where:

MCP Client initiates OAuth flow with MCP Server
MCP Server acts as authorization server and redirects user to IdP
IdP authenticates user and returns to MCP Server
MCP Server issues access token for MCP Client
MCP Client uses access token for subsequent MCP requests

OAuth Flow

sequenceDiagram
    participant Browser as User Browser
    participant Client as MCP Client
    participant Server as MCP Server
    participant IdP as Identity Provider

    Client->>Server: POST /mcp (no auth)
    Server->>Client: 401 Unauthorized + WWW-Authenticate
    Client->>Server: GET /.well-known/oauth-authorization-server
    Server->>Client: Authorization metadata
    Client->>Server: POST /register (Dynamic Client Registration)
    Server->>Client: client_id
    Clie

... [View full README on GitHub](https://github.com/ca-risken/risken-mcp-server#readme)

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

68/100across 5 weighted dimensions

How we score →

0255075100

−32

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Inventory

Tools (4)

Click any tool to inspect its schema.

~468 tokens total

Inventory

Resources (1)

finding_contents

Retrieves the content of a specific finding

finding://{project_id}/{finding_id}

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Risken Mcp Server safe to use?: Risken Mcp Server has no known CVEs as of the latest MCPpedia security scan. It requires authentication to connect, which limits unauthorized access. Licensed under MIT.
How do I install Risken Mcp Server?: Risken Mcp Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Risken Mcp Server do?: Risken Mcp Server provides 4 tools: get_context, search_finding, archive_finding, search_alert. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Risken Mcp Server?: Risken Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.
Is Risken Mcp Server actively maintained?: Risken Mcp Server is less actively maintained — last commit was 127 days ago. It has 7 GitHub stars.

Similar servers

Others in security

View all →

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

9.0k 3

Nothumanallowed91

Security-first platform for AI agents. 38 specialized agents, 15 AI-powered extensions, zero-knowledge multi-agent orchestration. SENTINEL WAF, Ed25519 auth, 2.6M grounding facts.

97 5

MCP Security Weekly

Get CVE alerts and security updates for Risken Mcp Server and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?